terraform-vault/2024-servers.yaml at 8070b6f66bba458a52799ab858e917b0d8a41d2a - terraform-vault - Gitea

unkin/terraform-vault

Ben Vincent 8070b6f66b feat: major restructuring in migration to terragrunt

- migrate from individual terraform files to config-driven terragrunt module structure
- add vault_cluster module with config discovery system
- replace individual .tf files with centralized config.hcl
- restructure auth and secret backends as configurable modules
- move auth roles and secret backends to yaml-based configuration
- convert policies from .hcl to .yaml format, add rules/auth definition
- add pre-commit hooks for yaml formatting and file cleanup
- add terragrunt cache to gitignore
- update makefile with terragrunt commands and format target

2026-01-26 23:02:44 +11:00

16 lines

322 B

YAML

Raw Blame History

 backend: "pki_root"
 allow_ip_sans: true
 allowed_domains:
   - "unkin.net"
   - "unkin.local"
 allow_subdomains: true
 allow_glob_domains: false
 allow_bare_domains: true
 enforce_hostnames: false
 allow_any_name: false
 max_ttl: 31536000  # 8760h in seconds
 key_bits: 2048
 country: []
 use_csr_common_name: true
 use_csr_sans: true